On my WSUS servers the files corresponding to this patch and the twin kb3185611 for both Windows 10 and Server 2016 are failing to download and retrying over and over again. The failure errors in the SoftwareDistribution.log file give “CRC verification failure” as the reason.

So I’m thinking that either the source files at Microsoft are corrupted, or they have calculated the CRCs for the files incorrectly and published that in the metadata.

I would question the wisdom of taking manual actions to kick a balky install into gear.

Happened to me too. First only 45% until Windows Update let me install KB890830 and KB3188128 while offline then it got to 95% and stayed there.

Madness, I say! Weren’t cumulative updates supposed to give Microsoft a chance to test a bundle of patches together before releasing them? I think I will wait for the dust to settle before I bypass Windows Update to install KB3189866 manually.

Meanwhile, since my concern was with security patches I got to looking at the Microsoft Security Bulletin [https://technet.microsoft.com/en-us/library/security/ms16-104.aspx].

There I noticed EMET [http://www.microsoft.com/emet] which says:
“The Enhanced Mitigation Experience Toolkit (EMET) enables users to manage security mitigation technologies that help make it more difficult for attackers to exploit memory corruption vulnerabilities in a given piece of software.”

This morning “Update status” again said “We couldn’t install some updates because the PC was turned off.” Today I decided to ignore the [Retry] button which I had clicked yesterday.

And lo and behold this afternoon I see that “Update status” says:
A restart is required to finish installing the following updates:
* Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB3189866).
[Restart now]
After restarting, winver now shows “Version 1607 (OS Build 14393.187)”.

This all reminds me of sayings like “All things come to those who wait” and “Ignorance is bliss” and also “Much Ado About Nothing” a play by William Shakespeare.

Also Microsoft has officially stated that there is no need for EMET in Windows 10 as the OS already contains protections such as
Device Guard, Control Flow Guard and AppLocker. For the similar reasons, EMET doesn’t offer any additional mitigations for the Edge browser. See [http://blogs.technet.com/b/srd/archive/2016/02/02/enhanced-mitigation-experience-toolkit-emet-version-5-5-is-now-available.aspx].

Author

Posts

Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

Reply To: If Win10 Anniv Update patch KB 3189866 stalls at 45% or 95%, here’s how to get it going without using IE

You can use BBCodes to format your content.Your account can't use Advanced BBCodes, they will be stripped before saving.

Plus Membership

Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.

AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.